Subject: RISKS DIGEST 9.93 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Monday 21 May 1990 Volume 9 : Issue 93 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Stamford CT 18-hour telephone switch outage affects 27,000 lines (PGN) Irrational and nonvaledictory reasoning (PGN) Crackdown on 1-900-STOPPER? (John M. Sulak) P.T.U.U.I. (Robert Hardy, PGN) Military Computer Virus Contract (Rory J. O'Connor) Risks of Laser Printouts (Simson L. Garfinkel) Directions and Implications of Advanced Computing, DIAC-90 (Rodney Hoffman) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. TO FTP VOL i ISSUE j: ftp CRVAX.sri.comlogin anonymousAnyNonNullPW cd sys$user2:[risks]get risks-i.j . Vol summaries now in risks-i.00 (j=0) ---------------------------------------------------------------------- Date: Mon, 21 May 1990 18:10:52 PDT From: "Peter G. Neumann" Subject: Stamford CT 18-hour telephone switch outage affects 27,000 lines At 2:42am on Thursday, 17 May, a Number 1A ESS switch (vintage 1973) in Stamford, Connecticut, broke down and for 18 hours blocked all residential and most business local calls (affecting 27,000 subscribers in exchanges 324, 326, 348, 351, 356, 358, 896, 964, 965, 969, 977, 979). (The same switch had broken down on 19-20 December 1985 for five hours, affecting 34,000 subscribers. Two such outages on the same switch is a very rare occurrence indeed.) The outage occurred while technicians were doing routine maintenance to update the database of phones served by that switch (12 of Stamford's 17 exchanges). The switch computer rejected the update and shut itself down. The backup system also failed. The eventual return to service followed extensive remote diagnostics from the AT&T Technology Center in Indian Hill, Illinois. However, the cause still remains unknown as of this afternoon (Monday). [Source: three articles by Seth Amgott in The Advocate, Stamford CT, 18 and 19 May 1990, plus phone conversations.] ------------------------------ Date: Mon, 21 May 1990 8:40:48 PDT From: "Peter G. Neumann" Subject: Irrational and nonvaledictory reasoning In a masterpiece of overendowing mathematical precision, the UPI reported that East Lake High School in north Pinellas County, Florida, had computed the grade-point averages of three graduating seniors as 4.2857142. The headline "Scholastic Tie -- to the Seventh Decimal" suggests that no one along the way recognized 4 and two sevenths in disguise. Straight A records at that. [Source: UPI item in the San Francisco Chronicle, 19 May 1990] ------------------------------ Date: 18 May 90 16:59:19 GMT From: sulak@ge-dab.ge.com (John M. Sulak) Subject: Crackdown on anonymous 1-900 services? (Re: McClelland, RISKS-9.91) This morning CNN had a story on the federal government in the US and how they plan to `crackdown' on 1-900 toll phone services. One such service, 1-900-STOPPER was said to allow callers to make unidentified phone calls. Of course, the callers to 1-900 could be identified by the government by date and time, but it would require a court order or consent of the 1-900 company. [... whose entire reason for existence is providing the service of anonymity/nonidentifiability! PGN] ------------------------------ Date: Sat May 19 16:29:06 1990 From: a195@mindlink.UUCP (Robert Hardy) Subject: P.T.U.U.I. Announcing the formation of P.T.U.U.I. (the Programmers and Technical Underdogs Union International) This organization was formed in response to the alarming proliferation of flaky employers. Have you ever poured your heart and soul into an exciting project only to have the company go under the day its ready for market? Have any of your previous employers pulled a `Midnight Move'? Have you worked diligently until the end of the month only to find the payroll isn't covered? Have you ever given your `Life's Work' to an employer only to have it stolen and marketed behind your back? We invite you to share your experiences and to co-operate in identifying and disseminating the names of `non-professional' employers. If one of our members has a bad experience, we would like to make it difficult if not impossible to find a competent replacement. We would like to act as an `Ombudsman' to mediate desputes. This group is open to all competent `Hardware' and `Software' independent contractors. Reply via E-Mail to MindLink BBS: 1-604-576-1214 (195) Robert Hardy PaNorAmA BBS: 1-604-281-1082 or 1-604-271-3098 Robert Hardy USENET : uunet!van-bc!rsoft!mindlink!RobertHardy or Write to P.T.U.U.I., 2994 Vincent St., Port Coquitlam, BC, V3B 5N2 Canada ------------------------------ Date: Mon, 21 May 1990 18:10:52 PDT From: "Peter G. Neumann" Subject: P.T.U.U.I. to you, too (thanks, Tom Lehrer!) P.T.U.U.I. reminds me of Tom Lehrer's ``Subway Song'', written while he was riding the Boston subway in the late 1940s or very early 1950s, but unfortunately never recorded. Particularly for those who know and love the `T', I recite it from memory (it is sung to the tune of ``Mother''), with apologies to Tom if I didn't remember it correctly, and apologies in advance to those purists who think it is irrelevant to RISKS. (Indeed, it is much too relevant to the foregoing contribution NOT to be included.) Cheers! PGN H is for my alma mater, Harvard, C is Central, next upon the line, K is for the cosy Kendall Station, C is Charles, across the foamy brine, P is Park Street, Boston's busy center, W is Washington, you see, Put them all together, they spell HCKC PW, [sung with great emphasis] And that's just what Boston means to me. ------------------------------ Date: Sun, 20 May 90 14:25:39 PDT From: rjoconnor@cdp.uucp (Rory J. O'Connor) Subject: Military Computer Virus Contract (RISKS-9.92) I'm the reporter at the San Jose Mercury News who wrote the story on the Army's SBIR proposal regarding computer viruses. I feel I must respond to the charge made by Mr. Jim Vavrina of the Army Information Systems Software Center that I mis-identified myself while researching the story. That assertion is false. At all times, as is standard practice among professional journalists, I made it clear to everyone I called or interviewed that I was a newspaper reporter working on a story about this proposal. When I reached a woman named Joyce Crisci at Ft. Monmouth, NJ, who identified herself as the project administrator, I identified myself as a reporter. When she attempted to tell me how to apply for the available funds, I felt she might have failed to understand that, so I again told her I was a reporter working on a story for my newspaper. She then answered most of my questions, but made it clear she would not discuss any technical details nor provide me with the names of the engineers who had written the project. The reason, she said, was that if such information appeared in my story, it could prejudice the bidding process. Indeed, at the conclusion of our interview, she verified the spelling of her name and gave me her (rather complicated) mailing address and requested I send her a copy of the article when it appeared in the newspaper. I'm sorry Mr. Vavrina never called me to ask my side of the story about this interview. If Mr. Vavrina thinks my story about the virus was in some way factually incorrect, or did not fully describe the Army's project or reasoning, I'd be happy to talk to him about it. I can be reached at (408) 920-5019, or at MCI Mail mailbox 361-2192, or at the San Jose Mercury News, 750 Ridder Park Drive, San Jose, CA 95190. Anyone else who would like to discuss this story, or the topic of computer viruses in general, may also contact me there. Rory J. O'Connor, Computing Editor, San Jose Mercury News ------------------------------ Date: Sun, 20 May 90 12:26:45 EDT From: simsong@next.cambridge.ma.us (Simson L. Garfinkel) Subject: Risks of Laser Printouts (RISKS-9.89,91,92) Not very surprising, considering that laser printers pump out gobs of ozone. The old DEC LN03 laser printer had an ozone filter on it that was supposed to be replaced at regular intervals. The ozone filter consisted of a granulated carbon filter. But this is the only laser printer that I have ever seen with such a filter. simson ------------------------------ Date: 18 May 90 13:24:18 PDT (Friday) From: Rodney Hoffman Subject: Conference: Directions and Implications of Advanced Computing Here's the program and registration information for a conference of interest, presented by Computer Professionals for Social Responsibility and co-sponsored by several other organizations: Computer Professionals for Social Responsibilty DIAC-90 SYMPOSIUM Directions and Implications of Advanced Computing July 28, 1990 Computer technology significantly affects most segments of society, including education, business, medicine, and the military. Current and emerging computer technology will exert strong influences on our lives, in areas ranging from work to civil liberties. The DIAC symposium considers these influences in a broad social context - ethical, economic, political - as well as a technical context seeking to address directly the relationship between technology and policy. Gutman Conference Center / Monroe C. Gutman Library 6 Appian Way Cambridge, Massachusetts KEYNOTE ADDRESS: Dr. Michael Rabin, Computer Security and Privacy Computer security is essential not just for the protection of valuable assets but also for safeguarding privacy. To this end technical tools are needed for correctly specifying who will access what personal data and for enforcing and monitoring the specified regime. These new technical tools as well as a new legal framework for defining the status of personal data will be presented. Michael Rabin is a Turing Award winner who is T.J. Watson Sr. Professor of Computer Science at Harvard. He teaches and conducts research in the fields of computer algorithms and computer security. PAPERS Rob Kling, "Four Genres of Social Analyses of Computerization" Paul Resnick and Mel King, "The Rainbow Pages - Building Community with Voice Technology" Chris Hables Gray, "AI at War: A Preliminary Analysis of the Aegis System in Combat" Hank Bromley, "Thinking about Computers and Schools, A Skeptical View" Sue Stafford, "Software for the Detection of Code Abuse - Answers and Issues" Judith Perrolle, Glenn Pierce, Michele Eayrs, A. Gilbert, Nightingale Rukuba, "The Effects of Computer Models of Global Warming on Regional Environmental Policies in East Africa and Southeast Asia" Nance Goldstein, "Software R&D in the Department of Defense in the 1980s: Institutional Resistance to the Demand of New Information Technology" Doris Schoenhoff, "Language, Logic and Expertise: The Human Interface of Expert Systems" David Durlach, "Affectionate Technolology" Joel Wolfson, "A Conduct Code: An Ethics Code with Bite" Harold Sackman, "Developing an International Participative Code of Computer Ethics" Natalie Dandekar, "Moral Issues Involved in Protecting Computer Software as Intellectual Property" David Hakken, "Machine-, Human-, or Culture-centered Computing? A View from the Trenches" PANEL DISCUSSION: Virtual Reality: What Does it Really Mean? Co-Sponsored by American Association for Artificial Intelligence, American Philosophical Association, Boston Computer Society, Harvard University Science, Technology and Public Policy, MIT Science, Technology and Society Dept. in cooperation with ACM SIGCAS and ACM SIGCHI. DIAC-90 is partially supported by the National Science Foundation under Grant No. 8811437, Ethics and Values Studies Office. The symposium will run from 9:00 am to 6:00 pm. Registration will start at 8:15 am. Lunch will be provided. A reception will follow. For additional information, contact symposium co-chairs: Coralee Whitcomb (617-891-3103 (weekdays), 508-945-0360 (weekends), or Peter Russo (206-965-1976, prusso@atc.boeing.com). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - DIAC-90 Registration Form Name: Address: Phone: E-Mail: Conference Fees: CPSR Member $40 __ Non-member $50 __ Student $25 __ Proceedings Only $20 __ Please make checks payable to DIAC-90. Send registration to: DIAC-90, c/o CPSR/LA, P.O. Box 66038, Los Angeles, CA 90066-0038. ------------------------------ End of RISKS-FORUM Digest 9.93 ************************